package com.mano.mall.gateway.handler.impl;

import com.mano.commons.web.utils.HttpRequestUtil;
import com.mano.mall.gateway.handler.GatewayHandler;
import com.netflix.zuul.context.RequestContext;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.Map;

/**
 * @Author: zj
 * @Description:  过滤 Xss 等
 * @Date: Created in 11:47 2020/11/9
 * @Modified By:
 */
@Component
@Slf4j
public class XssFilterHandler extends BaseHandler implements GatewayHandler {

    @Override
    public void service(RequestContext ctx, HttpServletRequest request, HttpServletResponse response) {
        // 过滤非法参数
        Map<String, List<String>> filterParameters = HttpRequestUtil.filterParameters(request);
        ctx.setRequestQueryParams(filterParameters);
    }
}
